Issuance of Maritime Security (MARSEC) Directive 105-4; Cyber Risk Management Actions for Ship-to-Shore Cranes Manufactured by People's Republic of China Companies
| Published date | 23 February 2024 |
| Record Number | 2024-03822 |
| Citation | 89 FR 13726 |
| Court | Coast Guard |
| Section | Notices |
Federal Register, Volume 89 Issue 37 (Friday, February 23, 2024)
[Federal Register Volume 89, Number 37 (Friday, February 23, 2024)]
[Notices]
[Pages 13726-13727]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2024-03822]
=======================================================================
-----------------------------------------------------------------------
DEPARTMENT OF HOMELAND SECURITY
Coast Guard
[Docket No. USCG-2024-0049]
Issuance of Maritime Security (MARSEC) Directive 105-4; Cyber
Risk Management Actions for Ship-to-Shore Cranes Manufactured by
People's Republic of China Companies
AGENCY: Coast Guard, DHS.
ACTION: Notice of availability.
-----------------------------------------------------------------------
SUMMARY: The Coast Guard announces the availability of Maritime
Security (MARSEC) Directive 105-4, which provides cyber risk management
actions for owners or operators of ship-to-shore (STS) cranes
manufactured by People's Republic of China (PRC) companies (PRC-
manufactured STS cranes). The directive contains security-sensitive
information and, therefore, cannot be made available to the general
public. Owners or operators of PRC-manufactured STS cranes should
immediately contact their local Coast Guard Captain of the Port (COTP)
or District Commander for a copy of MARSEC Directive 105-4.
DATES: MARSEC Directive 105-4 is available on February 21, 2024.
FOR FURTHER INFORMATION CONTACT: For information about this document
call or email Brandon Link, Commander, U.S.
[[Page 13727]]
Coast Guard, Office of Port and Facility Compliance; telephone 202-372-
1107, email [email protected].
SUPPLEMENTARY INFORMATION:
Background and Purpose
MARSEC Directive 105-4 provides cyber risk management actions for
owners or operators of PRC-manufactured STS cranes. Owners or operators
of PRC-manufactured STS cranes should immediately contact their local
COTP or cognizant District Commander for a copy of MARSEC Directive
105-4.
The Maritime Transportation Security Act's implementing regulations
in 33 CFR parts 101-105 are designed to protect the maritime elements
of the national transportation system. Under 33 CFR 101.405, the Coast
Guard may set forth additional security measures to respond to a threat
assessment or to a specific threat against those maritime elements. In
addition, per 33 CFR 6.14-1, the Commandant ``may prescribe such
conditions and restrictions relating to the safety of waterfront
facilities and vessels in port as the Commandant finds to be necessary
under existing circumstances.''
PRC-manufactured STS cranes make up the largest share of the global
ship-to-shore crane market and account for nearly 80% of the STS cranes
at U.S. ports. By design, these cranes may be controlled, serviced, and
programmed from remote locations, and those features potentially leave
PRC-manufactured STS cranes vulnerable to exploitation, threatening the
maritime elements of the national transportation system.
As such, additional measures are necessary to prevent a
Transportation Security Incident in the national transportation system
due to the prevalence of PRC-manufactured STS cranes in the U.S.,
threat intelligence related to the PRC's interest in disrupting U.S.
critical infrastructure, and the built-in vulnerabilities for remote
access and control of these STS cranes.
Procedural
COTPs and District Commanders can access all MARSEC directives on
Homeport by logging in and going to Missions > Maritime Security >
Domestic Ports and Waterway Security > Policy. Owners and operators of
PRC-manufactured cranes must contact their local COTP or cognizant
District Commander to acquire a copy of MARSEC Directive 105-4. COTPs
or cognizant District Commanders may provide this MARSEC Directive to
appropriate owners and operators in accordance with SSI handling
procedures.
Pursuant to 33 CFR 101.405, we consulted with the Department of
State, Department of Defense, Department of Transportation/Maritime
Administration, Department of Homeland Security, Transportation
Security Administration, Cybersecurity and Infrastructure Security
Agency, and National Maritime Intelligence-Integration Office.
All MARSEC Directives issued pursuant to 33 CFR 101.405 are marked
as SSI in accordance with 49 CFR part 1520. COTPs and District
Commanders will require individuals requesting a MARSEC Directive to
prove that they meet the standards for a ``covered person'' under 49
CFR 1520.7, have a ``need to know'' the information, as defined in 49
CFR 1520.11, and that they will safeguard the SSI in MARSEC Directive
105-4 as required in 49 CFR 1520.9.
This notice is issued under authority of 33 CFR 6.14-1 and
101.405(a)(2) and 5 U.S.C. 552(a).
Dated: February 21, 2024.
Amy M. Beach,
Captain, U.S. Coast Guard, Director of Inspections and Compliance.
[FR Doc. 2024-03822 Filed 2-21-24; 11:15 am]
BILLING CODE 9110-04-P
